Skip to content

A python based library to interact with .net webservices with net.tcp binding. Supports MC-NMF, MC-NMFTB and MS-NNS and contains a proxy for reading communications with webservices which require the negotiate encryption.

License

Notifications You must be signed in to change notification settings

ernw/net.tcp-proxy

Repository files navigation

.Net netTcp WCF Binding Framwork

This library implements the MC-NMF, MC-NMFTB and MS-NNS protocols for net.tcp webservices. It is able to parse and encode the different protocols and interact as an Man-in-the-Middle proxy for the negotiate authentication.

This library is meant to be run/installed with python3. It should also work with python2.7 (possibly required with GSSAPI). Ensure not to run the proxy.py file directly, as it requires to be part of a python package. Use nettcp-proxy instead.

Parse data

Code:

from io import BytesIO
stream = BytesIO(data)

while stream.tell() < len(data):
    record = Record.parse_stream(stream)

From trace file (captured by proxy)

decode-nmf foo.trace

Connect to service

Unencrypted:

import socket
from nettcp.stream.socket import SocketStream
from nettcp.stream.nmf import NMFStream

s = socket.create_connection(('127.0.0.1', 1234))
socket_stream = SocketStream(s)
stream = NMFStream(socket_stream, 'net.tcp://127.0.0.1/Service1')

stream.preamble()
stream.write('...')

With GSSAPI:

requesting ticket with krb5

kvno host/foo.example.com

authenticate with python

import socket
from nettcp.stream.socket import SocketStream
from nettcp.stream.nmf import NMFStream

s = socket.create_connection(('127.0.0.1', 1234))
socket_stream = SocketStream(s)
stream = NMFStream(socket_stream, 'net.tcp://127.0.0.1/Service1', '[email protected]')

stream.preamble()
stream.write('...')

Capture connection

nettcp-proxy.py -b <localaddr> -p <localport> -t logfile.trace <targetserver> <targetport>

Man-in-the-Middle of netTcp with negotiate stream

kinit user/foo.example.com
kvno host/foo.example.com
nettcp-proxy.py -b <localaddr> -p <localport> -t logfile.trace -n [email protected] <targetserver> <targetport>

About

A python based library to interact with .net webservices with net.tcp binding. Supports MC-NMF, MC-NMFTB and MS-NNS and contains a proxy for reading communications with webservices which require the negotiate encryption.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages